Building Private Clouds with Windows Azure Pack (WAP)

The model of elastic self-service deployment of VMs and applications that come with the Azure public cloud are changing the way IT departments allocate servers. Rather than tying servers to a specific application, IT departments now look to provide a pool of shared and dynamically self-allocated resources. There are compelling needs to run on premise a private version of the Azure Cloud that provides a lot of the multi-tenant services and benefits of the public Cloud. There are a lot of hosting partners that want to offer these Azure Cloud OS services to their customers. MS wants to give a consistent platform across hosting providers, private DCs, and Azure Cloud. The newly released Windows Azure Pack (WAP) decouples and brings a few of Azure OS features and a modified portal with common code base into the private Cloud. It allows an enterprises to assume the role of service providers. It removes limitations to allow service providers to try and garner enterprise workloads.

Using WAP, your IT department can install these new features. (This was previously Windows Azure Services for Windows Server released at start of 2013 with System Center). The Azure Pack is built on top of Windows Server 2012 and System Center R2/ with Service Provider Foundation. An IT Dept. that builds on w2012 and Sys Center can move to WAP anytime. One of WAP’s goals is to drive a consistent IT ops and developer experience. These technologies will evolve over time. Some features for Azure will be released first in WAP and rolled into Azure Cloud, and vice versa. WAP comes at no cost for datacenters running System Center and Windows Server 2012.

Here are the services/workloads in the first release of Windows Azure Pack.1. Web sites
• IIS currently is a server-centric platform but needs to evolve to be Cloud-first. IIS team rebuilt a new hosting PaaS with LB and scaling on-demand, dev0ps optimized. High-density supports 1000s of users on less of a cost than IIS with new capabilities. This is a good motivation to move into the on premise Cloud instead of running original IIS.
• Multi-machine PaaS container with data and app tier and Load balancing. The platform can talk to many source code providers. As an IT Ops person you just deploy the Web PaaS and don’t have to mess with configuration issues.

2. Service Bus
• Been on premise awhile but had restrictions. Now is same messaging architecture as Azure Cloud service bus with no limitations.
• Reliable messaging to build a cloud app that scales and communicates with other apps or across other boundaries. Messaging allows a way to pass and receive messages cross platform.
• Supports publish and subscribe messaging patterns across a variety of access points on multiple platforms using standard protocols.

3. Virtual Machines (IaaS)
• Allows you to provision and manage VMs as a consumer and define your networking. Gallery of apps and fully self-service experience for provisioning VMs.
• Consistent Azure VM API on premise and in Cloud so you can access VMs the same way regardless of where DC is that you are using.
• Adds a new Azure feature called Virtual Machine Roles (like AMIs in AWS which are Amazon EC2 Virtual Machine Templates). A VM Role provides a way to scale VMs elastically and define metadata for its container and its parameters. They are VM templates the IT Department can define to make available for self-provisioning and can scale. Templates can be versioned and take initial container info such as instance count, VM size, and hard disk. Provide admin credentials and OS version, IP address type and allocation method for IP address. You can specify app specific settings as well.
• Virtual Networks allows you to define VMs. Site to Site connectivity allows customers to connect their Cloud networks to their private networks. Good for hosters as well as the enterprise.

4. Service Management Portal and API
• Federate identities, Active Directory, and standards based.
• Take same portal as in Azure, decouple it, and run it in the on premise DC and talks to the consistent Service Management API.

Service Consumers
Service consumers are those who consume apps (developers) and infrastructure (IT Ops) from Service Providers. They need self-service admin and want to acquire capacity upon demand within limits defined by IT Dept. or hosting provider (have an internal approval process to increase beyond limits). Need predictable costs and get up and running quickly.

IT Depts. are now moving internally using a charge-back model (internal dollars vs. credit card) where IT Ops are charging back to different departments, almost like internal hosters. Today some internal IT requests lead internal folks to go out of band to get their job done via external hosting providers or acquire HW/SW without IT approval. WAP helps with simple and quick self-provisioning so no longer need to acquire hosting hardware outside IT budget.

Additional Consumer Services
• Integration with AD for the enterprise. ADFS and co-admins that are critical for the enterprise (Not for service providers).
• Integration with SQL Server and MySQL. Support for SQL Server always on to make DBs highly available across cluster.
• Co-Admins in WAP allows you now to associate an IT group with a co-admin account. This does not exists in Azure Cloud yet.
• Console Connect – Today Remote desktop in Azure Cloud IaaS will only work on a public network (RDP for Windows VM or SSH for Linux). If you can’t get to it publicly you can’t remote into VM. Now, with WAP, you have a new feature called “Console Connect” through a secure channel that allows you to connect into a machine that is not running on a public network but in an enterprise on premise network.

Service Providers
Service Providers want to provide the most service at lowest cost to service consumers. Providers want to use hardware efficiency by automating everything. Also may desire to provide differentiate on SLAs and profiles for different environments – thus different SLAs per workload that is not present in public cloud.
As the enterprise looks to move from capital to operational expenditures service providers see a window of opportunity to acquire enterprise business in the leased model of a private Cloud. WAP allows service providers to easily shift their offerings in this direction to attract this business from the enterprise.

Provider Portal
WAP supplies a Provider Portal for the cloud services that Service providers can offer their tenants (for enterprises or hosters). Can provides different SLAs to customers through portal and tailor how you offer those services. The Provider portal runs inside the enterprise firewall. It manages a different set of objects than the normal portal. You can manage a high-level PaaS Web hosting container that hosts multiple Web sites. You can connect to VM clouds and service bus deployments along with their health. There is an automation tab that integrates with run books in System Center and you can edit workbook jobs and schedule them, and tie them to events coming from System Center.

Additional Provider Services
In the Provider portal there is a Plans service that allows providers to decide what types of plans a customer can access. Providers pick services to make available and then define a set of constraints and quotas for each subscription for subscribers. Providers can pick the VM template and Gallery items available. Maps capabilities to backend infrastructure.
• Public plan allows subscribers to try out a plan
• Private plan allows you to manually permit a subscription.

Additionally in the Provider Portal there is a User Accounts service allowing providers to manage users and add co-admins or suspend/delete a subscription.